// security researcher

Find the hole.
Write the report.
Get paid.

Bug bounty hunter. I look for vulnerabilities in production systems, document what I find, and write it up so developers can fix it. This is where I publish the ones I'm allowed to talk about.

Active · bug bounty

Focus: web apps, APIs, GraphQL

Based in: Switzerland

// recent writing

local-models Same Model, Different Brain: How a ReACT Loop Transformed a 35B Model's Security Skills 2026-03-16
methodology How I Approach a New Bug Bounty Target 2026-03-11
bug-bounty When 'Informative' Is the Answer 2026-03-11

Find the hole.Write the report.Get paid.

Find the hole.
Write the report.
Get paid.